Friday, February 25, 2005

fyi Spam Controls Imperil E-Mail Reliability


Pointer to article:

Kobielus kommentary:
Think of how many business and personal relationships are getting hung up with undelivered (or quarantined—same thing) e-mail. Think of how many people are too lazy or too shy to escalate the matter through a simple human touch: a phone call to see if a message went through (assuming that the sender has the intended recipient’s phone number).

E-mail has always been, essentially, best-effort delivery. Unfortunately, best effort isn’t good enough in a world that hinges on e-mail, and isn’t enough to surmount the mail-filtering barricades we’re constructing everywhere. Blame spam, viruses, Trojans, and so forth with closing the e-mail frontier and initiating a cold war of contending forces (allied e-mail users vs. the evil axis of confederated malware perpetrators).

How do you detect the e-mail messages you’re not receiving (without checking your quarantine folders)? If you expect a particular e-mail from a particular sender on a periodic schedule (such as daily and weekly), and you’re not getting it, then you’re likely to check quarantine. But if it’s the normal crush of any-old-time e-mails from any-old-sender (or new sender), you’ll probably never know it arrived and was shunted to quarantine. Or, more to the point, you’ll never know unless the sender has access to a secondary channel for notifying you. Such as IM. Or SMS. Or the phone. Or walking down the hall and telling you.

All of which raises the issue of spam jumping the synapse gap from one electronic medium (e-mail) to others. As you raise filtering barriers in these other media, how will necessary/desired escalations (i.e., from senders you OK) get through to you?

One approach is to build a whitelist-driven notification mechanism into e-mail. When you pull down your inbox, you should only see messages from pre-approved senders (such as those in your address book or corporate directory). All other messages should have been shunted to quarantine. However, your inbox should have a separate frame that simply shows the identities of senders in quarantine (but doesn’t show the message subject lines or text), and ranks those senders by likelihood of their being spammers.

With a mouse click, you could simply select authorized senders from that list, and have their messages thereby moved to your inbox. Alternately, those senders might have their e-mail addresses linked with their IM screen names; if they’re in your IM buddy list, they might be able to send you an IM to display within the e-mail “quarantine escalation” frame, requesting movement to your inbox. Or you might have provided your IM buddies with the ability to automatically get their e-mails delivered to your inbox. If they’re in your VOIP or SMS directory, you might set them up with similar privileges: send an e—mail delivery escalation message or automatic delivery to your e-mail inbox.

Whitelisting is so critical in the new order of filtered messaging infrastructure. Whitelisting, if it’s going to work in a multi-messaging/multi-service communications environment, has to be able to link addresses and identities across diverse domains. And to give you, the message recipient, the ability to define the policies that give all your trusted identities priority delivery to your world. Or the ability to holler at you through a special transom that you and they have pre-arranged.